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IN THE CLAIMS 



1. (Currently Amended) A system enabling individual organizations of a plurality 
of different organizations to manage access of their own respective employees to at least 
one remotely located application hosted by an application service provider, comprising: 
at an application service provider site, 

at least one database containing data representing, 

a plurality of user interface images associated with a corresponding 
plurality of organizations, and 

a plurality of executable procedures associated with the corresponding 
plurality of user interface images, an executable procedure supporting a user of a 
particular organization of said plurality of organizations in managing access of 
employees of the particular organization to an application hosted by an application 
service provider and used by said plurality of organizations; and 

a command processor employing the at least one database for initiating execution 
of a particular executable procedure in response to a command initiated at a remote 
location associated with the particular organization using a particular user interface image 
associated with the particular executable procedure and with the particular organization, 
the particular executable procedure supporting the user in managing and granting access 
of an employee of the particular organization to an application and associated application 
data specific to said particular organization without intervention by the application 
service provider and excluding access to said application data specific to said particular 
organization by employees of organizations other than said particular organization. 

2. (Previously Presented) A system according to claim I, wherein 

said at least one database, said command processor, said application and 
associated application data specific to said particular organization are located at said 
application service provider site behind a firewall and accessed through said firewall by 
users of said plurality of organizations and including 

an authorization processor for authorizing access of the user to the particular user 
interface image and the associated particular executable procedure in response to 
received identification information of the user. 

3. (Previously Presented) A system according to claim 2, wherein 



2 



Ser. No. 10/758,984 



PATENT 
03P00652US01 



said particular executable procedure and said particular user interface 
image are specifically associated with said particular organization and 

the authorization processor excludes access of the user and employees of the 
particular organization to user interface images and executable procedures and data 
associated with organizations other than the particular organization. 

4. (Original) A system according to claim 3, wherein 

the authorization processor excludes access to -the -user and employees of the 
particular organization to data associated with organizations other than the particular 
organization by removing permission of the user and employees of the particular 
organization to access the data associated with the other organizations from a directory of 
permissions used to control data access. 

5. (Original) A system according to claim 4, wherein 

the directory of permissions comprises a Microsoft compatible Active Control 
List (ACL). 

6. (Original) A system according to claim 4, wherein 

the authorization processor removes the permission of the user and employees of 
the particular organization in response to addition of the particular organization as a new 
organization to the plurality of organizations. 

7. (Original) A system according to claim 1, wherein 

the plurality of executable procedures comprises a plurality of sets of executable 
procedures associated with the corresponding plurality of user interface images and 

the command processor employs the at least one database for initiating execution 
of a particular executable procedure in a particular set of executable procedures in 
response to a command initiated using the particular user interface image. 

8. (Original) A system according to claim 1, wherein 

an executable procedure enables the user to at least one of, (a) add an employee 
and (b) remove an employee, of an organization as a user entitled to access the 
application hosted by the application service provider. 

9. (Original) A system according to claim 8, wherein 
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the executable procedure changes authorization information associated with the 
added or removed employee. 

10. (Original) A system according to claim 1, wherein 

an executable procedure enables the user to amend information used in 
authorizing a particular employee of an organization to access the application hosted by 
the application service provider. 

1 1. (Original) A system according to claim 1, including 

an authorization processor for authorizing access of the employee of the particular 
organization to the particular user interface image and the associated particular 
executable procedure in response to received employee identification information. 

12. (Original) A system according to claim 1 1, wherein 

the authorization processor uses a combination of an organization specific 
identifier and received employee identification information in providing an employee 
access to the application hosted by the application service provider to prevent replication 
of user identification information between two employees of different organizations of 
the plurality of organizations. 

13. (Original) A system according to claim 1, wherein 

an executable procedure comprises processor executable instruction in a computer 
language including at least one of, (a) assembly language, (b) machine code, (c) a 
compiled computer language, (d) an interpreted computer language, (e) a compilable 
computer language, (f) a script language and (g) hardware encoded logic. 

3 4. (Original) A system according to claim 1 , wherein 

the particular executable procedure comprises a template procedure customized 
by at least one of, (a) the user and (b) a technician. 

15. (Original) A system according to claim 1, wherein 

at least one of, (a) the command is initiated at a user site via a particular user 
interface image communicated to the user site and (b) the particular executable procedure 
is communicated to a user site and executed at the user site. 
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16. (Currently Amended) A system enabling an individual organization of a 
plurality of different organizations to manage access of their own respective employees to 
at least one remotely located application hosted by an application service provider, 
comprising: 

at an application service provider site, 

a communication processor for accessing at least one database containing data 
representing, 

a plurality of user interface images associated with a corresponding 
plurality of organizations, and 

a plurality of executable procedures associated with the corresponding 
plurality of user interface images, an executable procedure supporting a user of a 
particular organization of said plurality of organizations in managing access of 
employees of the particular organization to an application hosted by an application 
service provider and used by said plurality of organizations; 

at least one repository including data representing an application and associated 
application data specific to said particular organization; and 

a command processor for using the communication processor in initiating 
execution of a particular organization specific executable procedure in response to a 
command initiated at a remote user site associated with the particular organization using 
a particular organization specific user interface image communicated to the user site, the 
particular user interface image being associated with the particular executable procedure 
and with the particular organization, the particular executable procedure supporting the 
user in managing and granting access of an employee of the particular organization to 
said application and said associated application data specific to said particular 
organization following login to said application and without intervention by the 
application service provider and excluding access to said application data specific to said 
particular organization by employees of organizations other than said particular 
organization. 



17. (Currently Amended) A system enabling individual organizations of a 
plurality of different organizations to manage access of their own respective employees to 
at least one remotely located application hosted by an application service provider, 
comprising: 

at an application service provider site, 
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at least one database containing data representing, 

a images associated with a corresponding plurality of organizations, and 
a plurality of executable procedures associated with the corresponding 
plurality of user interface images, an executable procedure supporting a user of a 
particular organization of said plurality of organizations in managing access of 
employees of the particular organization to an application hosted by an application 
service provider and used by said plurality of organizations; 

at Ieast one repository including data representing an application and associated 
application data specific to said particular organization; 

an authorization processor for authorizing access of the user to a particular user 
interface image and an associated particular executable procedure associated with the 
particular organization in response to received identification information of the user and 
excluding access of the user and employees of the particular organization to user 
interface images and executable procedures and data associated with the organizations 
other than the particular organization; and 

a command processor employing the at least one database for initiating execution 
of a particular executable procedure in response to a command initiated at a remote 
location associated with the particular organization using a particular user interface image 
associated with the particular executable procedure and with the particular organization, 
the particular executable procedure supporting the user in managing and granting access 
of an employee of the particular organization to an application and associated application 
data specific to said particular organization without intervention by the application 
service provider and excluding access to said application data specific to said particular 
organization by employees of organizations other than said particular organization. 

18. (Original) A system according to claim 17, wherein 

the authorization processor authorizes access of the user in response to a 
command initiated using the particular user interface image, 

19. (Currently Amended) A user interface system enabling individual 
organizations of a plurality of different organizations to manage access of their own 
respective employees to at least one remotely located application hosted by an application 
service provider, comprising: 

at an application service provider site and accessed via a firewall, 
at least one database containing data representing, 
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a plurality of sets of user interface images associated with a corresponding 
plurality of organizations, and 

a plurality of executable procedures associated with the corresponding 
plurality of sets of user interface images, an executable procedure supporting a user of a 
particular organization of said plurality of organizations in managing access of 
employees of the particular organization to an application hosted by an application 
service provider and used by said plurality of organizations; and 

a command processor employing the at least one database for initiating execution 

of a particular executable procedure in response to a command initiated at a remote 
location associated with the particular organization using a user interface image selected 
from a set of images associated with a particular organization, the particular executable 
procedure supporting the user in managing and granting access of an employee of the 
particular organization to an application and associated application data specific to said 
particular organization without intervention by the application service p rovider and 
excluding access to said application data specific to said particular organization by 
employees of organizations other than said particular organization. 
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